The util-linux package contains a large variety of system utilities that are necessary for a Linux system to function. Among many features, it includes the chfn utility, a suid root tool used to change user account information.

Michal Zalewski found a race condition vulnerability[1] in the way chfn locks files when changing /etc/passwd. In order to successfully exploit this vulnerability, some administrator interaction is needed and there are some prerequisites to fulfill. Full details can be found in the Bindview advisory[2].

Having what appears to be a stale /etc/ptmptmp file could be a sign that the vulnerability is being exploited. In that case, the administrator should investigate current users and processes before attempting to remove this file.
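The check described above can be scripted. The following is an added example, not part of the original advisory or of util-linux: the function name check_ptmptmp, the STALE_MIN threshold of 10 minutes and the return codes are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: triage of a possibly stale /etc/ptmptmp file.
# STALE_MIN (minutes) is an assumed threshold, not a value from the advisory.
STALE_MIN="${STALE_MIN:-10}"

# check_ptmptmp [path]
# Returns 0 if the file is absent, 1 if it exists but is recent,
# 2 if it is older than STALE_MIN minutes (looks stale).
# It only reports; it never removes the file.
check_ptmptmp() {
    lock="${1:-/etc/ptmptmp}"

    if [ ! -e "$lock" ] && [ ! -L "$lock" ]; then
        echo "OK: $lock is not present"
        return 0
    fi

    echo "FOUND: $lock"
    ls -ld "$lock"                      # owner, mode, size, mtime

    echo "Logged-in users:"
    who 2>/dev/null || true

    echo "Running chfn processes:"
    # [c]hfn keeps grep from matching its own command line
    ps -e -o pid= -o user= -o args= 2>/dev/null | grep '[c]hfn' \
        || echo "  (none)"

    # find prints the path only when mtime is older than STALE_MIN minutes
    old=$(find "$lock" -prune -mmin +"$STALE_MIN" 2>/dev/null)
    if [ -n "$old" ]; then
        echo "STALE: $lock is older than $STALE_MIN minutes; review the"
        echo "users and processes above before removing it"
        return 2
    fi

    echo "RECENT: $lock changed within the last $STALE_MIN minutes"
    return 1
}
```

Source the file as root and call check_ptmptmp with no argument to inspect /etc/ptmptmp; pass another path to try it on a test file.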

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2002-0638 to this issue[3].

Please note that the fixed packages have been available on our FTP servers since September 2nd, 2002.

Solution: The apt tool can be used to perform RPM package upgrades by running 'apt-get update' followed by 'apt-get upgrade'.